Package Crypto :: Package Cipher :: Module blockalgo
[frames] | no frames]

Module blockalgo

Module with definitions common to all block ciphers.
Classes
  BlockAlgo
Class modelling an abstract block cipher.
Variables
  MODE_ECB = 1
Electronic Code Book (ECB). This is the simplest encryption mode. Each of the plaintext blocks is directly encrypted into a ciphertext block, independently of any other block. This mode exposes frequency of symbols in your plaintext. Other modes (e.g. CBC) should be used instead.
  MODE_CBC = 2
Cipher-Block Chaining (CBC). Each of the ciphertext blocks depends on the current and all previous plaintext blocks. An Initialization Vector (IV) is required.
  MODE_CFB = 3
Cipher FeedBack (CFB). This mode is similar to CBC, but it transforms the underlying block cipher into a stream cipher. Plaintext and ciphertext are processed in segments of s bits. The mode is therefore sometimes labelled s-bit CFB. An Initialization Vector (IV) is required.
  MODE_PGP = 4
This mode should not be used.
  MODE_OFB = 5
Output FeedBack (OFB). This mode is very similar to CBC, but it transforms the underlying block cipher into a stream cipher. The keystream is the iterated block encryption of an Initialization Vector (IV).
  MODE_CTR = 6
CounTeR (CTR). This mode is very similar to ECB, in that encryption of one block is done independently of all other blocks. Unlike ECB, the block position contributes to the encryption and no information leaks about symbol frequency.
  MODE_OPENPGP = 7
OpenPGP. This mode is a variant of CFB, and it is only used in PGP and OpenPGP applications. An Initialization Vector (IV) is required.
  __package__ = 'Crypto.Cipher'
Variables Details

MODE_ECB

Electronic Code Book (ECB). This is the simplest encryption mode. Each of the plaintext blocks is directly encrypted into a ciphertext block, independently of any other block. This mode exposes frequency of symbols in your plaintext. Other modes (e.g. CBC) should be used instead.

See NIST SP800-38A , Section 6.1 .

Value:
1

MODE_CBC

Cipher-Block Chaining (CBC). Each of the ciphertext blocks depends on the current and all previous plaintext blocks. An Initialization Vector (IV) is required.

The IV is a data block to be transmitted to the receiver. The IV can be made public, but it must be authenticated by the receiver and it should be picked randomly.

See NIST SP800-38A , Section 6.2 .

Value:
2

MODE_CFB

Cipher FeedBack (CFB). This mode is similar to CBC, but it transforms the underlying block cipher into a stream cipher. Plaintext and ciphertext are processed in segments of s bits. The mode is therefore sometimes labelled s-bit CFB. An Initialization Vector (IV) is required.

When encrypting, each ciphertext segment contributes to the encryption of the next plaintext segment.

This IV is a data block to be transmitted to the receiver. The IV can be made public, but it should be picked randomly. Reusing the same IV for encryptions done with the same key lead to catastrophic cryptographic failures.

See NIST SP800-38A , Section 6.3 .

Value:
3

MODE_OFB

Output FeedBack (OFB). This mode is very similar to CBC, but it transforms the underlying block cipher into a stream cipher. The keystream is the iterated block encryption of an Initialization Vector (IV).

The IV is a data block to be transmitted to the receiver. The IV can be made public, but it should be picked randomly.

Reusing the same IV for encryptions done with the same key lead to catastrophic cryptograhic failures.

See NIST SP800-38A , Section 6.4 .

Value:
5

MODE_CTR

CounTeR (CTR). This mode is very similar to ECB, in that encryption of one block is done independently of all other blocks. Unlike ECB, the block position contributes to the encryption and no information leaks about symbol frequency.

Each message block is associated to a counter which must be unique across all messages that get encrypted with the same key (not just within the same message). The counter is as big as the block size.

Counters can be generated in several ways. The most straightword one is to choose an initial counter block (which can be made public, similarly to the IV for the other modes) and increment its lowest m bits by one (modulo 2^m) for each block. In most cases, m is chosen to be half the block size.

Reusing the same initial counter block for encryptions done with the same key lead to catastrophic cryptograhic failures.

See NIST SP800-38A , Section 6.5 (for the mode) and Appendix B (for how to manage the initial counter block).

Value:
6

MODE_OPENPGP

OpenPGP. This mode is a variant of CFB, and it is only used in PGP and OpenPGP applications. An Initialization Vector (IV) is required.

Unlike CFB, the IV is not transmitted to the receiver. Instead, the encrypted IV is. The IV is a random data block. Two of its bytes are duplicated to act as a checksum for the correctness of the key. The encrypted IV is therefore 2 bytes longer than the clean IV.

Value:
7